Cloud Computing: Compliance and Client Expectations

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cloud Computing: Compliance and Client Expectations"

Transcription

1 Cloud Computing: Compliance and Client Expectations February 15, 2012 MOSS ADAMS LLP 1

2 TODAY S PRESENTERS Moderator Kevin Villanueva, CPA, CISA, CISM, CITP, CRISC Sr. Manager, Infrastructure and Security Leader Presenter Chris Kradjan, CPA, CITP, CRISC Partner, National IT Practice Leader SLIDE 2 MOSS ADAMS LLP 2

3 SPEAKER BIO Chris Kradjan, CPA, CITP, CRISC Chris Kradjan is the National Leader for IT Consulting and the SSAE 16 Practice of Moss Adams. With more than 16 years of experience, he serves a variety of complex technology-based service organizations. His practice areas include SSAE 16 auditing, internal controls reviews, Sarbanes-Oxley compliance services, PCI-DSS services, SysTrust/WebTrust audits, and independent technology assessments. Chris is responsible for quality assurance involving IT audits performed by Moss Adams. Chris has developed and continues to maintain oversight of the firm's SSAE 16 audit and technology review compliance practices. SLIDE 3 MOSS ADAMS LLP 3

4 AGENDA Define cloud computing terms Outline risks and benefits Talk about challenges of compliance in the cloud Consider issues from provider and consumer perspective Best practices for success Questions MOSS ADAMS LLP 4

5 CLOUD COMPUTING Cloud Computing Visual Diagram from Wikipedia on Cloud Computing MOSS ADAMS LLP 5

6 HAZE OF TERMINOLOGY Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Public, private, hybrid and community clouds Application Service Provider (ASP) Third-party hosting Co-locations Vendor managed solutions MOSS ADAMS LLP 6

7 CLOUD COMPUTING VISUAL MODEL Cloud Security Alliance from the Security Guidance for Critical Areas of Focus in Cloud Computing v2.1 pg.14 MOSS ADAMS LLP 7

8 CLOUD DEPLOYMENT MODELS Public Cloud (External) The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. Private Cloud (Internal) Hybrid Cloud (Mixed) Community Cloud (Shared) The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or a third party, and may exist on-premises or off-premises. The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability. Shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, or compliance considerations). It may be managed by the organizations or a third party and may exist on-premises or off-premises. Cloud Security Alliance from the Security Guidance for Critical Areas of Focus in Cloud Computing v2.1 pg.17 MOSS ADAMS LLP 8

9 ESSENTIAL CHARACTERISTICS Characteristic On-Demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service Definition The cloud provider should have the ability to automatically provision computing capabilities, such as server and network storage, as needed without requiring human interaction with each service s provider. According to NIST, the cloud network should be accessible anywhere, by almost any device (e.g., smart phone, laptop, mobile devices, PDA). The provider s computing resources are pooled to serve multiple customers using a multitenant model, with different physical and virtual resources dynamically assigned and reassigned according to demand. There is a sense of location independence. The customer generally has no control or knowledge over the exact location of the provided resources. However, he/she may be able to specify location at a higher level of abstraction (e.g., country, region or data center). Examples of resources include storage, processing, memory, network bandwidth and virtual machines. Capabilities can be rapidly and elastically provisioned, in many cases automatically, to scale out quickly and rapidly released to scale in quickly. To the customer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time. Cloud systems automatically control and optimize resource use by leveraging a metering capability (e.g., storage, processing, bandwidth and active user accounts). Resource usage can be monitored, controlled and reported, providing transparency for both the provider and customer of the utilized service. MOSS ADAMS LLP 9

10 KEY ATTRIBUTES Offsite Virtual On-Demand Pay-Per-Use Simple IT resources are accessed from an offsite data center that is not owned by you; thus yielding savings in cost of ownership, licenses etc. Software stacks of databases, web servers, operating systems, storage, and networking are assembled virtually and accessed via the web Use as needed, resources can be turned on or off quickly and as needed including storage capacity, databases, web servers and operating systems Pay for what you need, not for unneeded capacity Resources can be configured quickly and easily, e.g. leading cloud computing platforms have open API s Massive Scale Access to extremely large infrastructure that would be challenging to build as a single entity Storage Capacity Elasticity and Resizability Collaboration The use of cloud computing for storage capacity can be ideal, especially for spikes in usage. Because the use of the cloud entails low or no upfront capital costs and low ongoing operational costs, the ability to take advantage of pools of resources on demand in real-time can yield business advantage Ability to be highly flexible nearly instantaneously to changes in load. With cloud computing, an infrastructure supporting an application, business, or business process can be easily resized and right-sized, depending upon conditions Shared environment, IT resources can be consolidated, many users share a common network, allowing costs to be managed AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 10

11 CLOUD DRIVERS On demand storage, CPU, and servers Hardware failure and upgrades eliminated Gain flexibility and speed in implementations Scalability Quickly provision capacity as needs change Sustainability Availability zones for disaster recovery Leverage IT technology evolution Professional infrastructure management MOSS ADAMS LLP 11

12 BENEFITS OF CLOUD COMPUTING Cost containment Immediacy Availability Scalability Efficiency Resiliency MOSS ADAMS LLP 12

13 ALLURE OF COST SAVINGS Economies of scale Reduced capital to build IT capability Manageable monthly costs MOSS ADAMS LLP 13

14 ANOTHER PERSPECTIVE MOSS ADAMS LLP 14

15 CLOUD LEADERS MOSS ADAMS LLP 15

16 MARKET DIRECTION U.S. powerhouses Multi-national footprint Massive leverage Centralized consumer data Powerful data analytics MOSS ADAMS LLP 16

17 CASE STUDY: AMAZON IAAS o Amazon Elastic Compute Cloud (EC2) o Amazon Elastic MapReduce o Amazon Virtual Private Cloud (Amazon VPC) o Amazon Route 53 PAAS o Amazon DynamoDB o Amazon Relational Database Service (RDS) SAAS o Does not provide SAAS solutions o Other SAAS providers can leverage IAAS and PAAS players like Amazon to move into the cloud MOSS ADAMS LLP 17

18 IAAS AND PAAS Align with the major players Determine service offerings Establish tiers of clients Define service levels by tier Link usage to revenue Institute metrics Implement tools to efficiently track usage Architect for security and privacy protections Institutionalize controls and compliance functions MOSS ADAMS LLP 18

19 SAAS Migrate existing solutions to the cloud Partner with IAAS and PAAS providers Find smartphone and internet applications Establish external facing connections Embed analytical capabilities Adopt similar service levels, metrics, revenue models and control measures as IAAS and PAAS MOSS ADAMS LLP 19

20 CONSUMERS Understand your IT portfolio and service needs Evaluate options in the market Determine which cloud deployment model(s) are a fit Define a cloud strategy At a minimum, look where private clouds are viable Require SLAs Assess the costs factors Build in rate increase limits Look at full lifecycle of data management Be mindful of transition and/or exit strategy if a provider ceases to operate MOSS ADAMS LLP 20

21 NEGATIVE PERCEPTIONS Loss of control Hidden costs renewal rates rise, obscure cost provisions, etc. Integration costs and vendor lock-in Service reliability (emerging vendors) Physical location of data storage (crossing state and national borders, with varying privacy laws) Unclear who owns rights to the data Inability to customize Infrastructure limitations Brand management MOSS ADAMS LLP 21

22 RISKS, THREATS & VULNERABILITIES Availability Access Authentication Regulatory Integrity Privacy Operational Security Service availability and recoverability, complexity, single-points-of-failure, data replication, testing constraints, and over-subscription risk Multi-tenancy, data access, and secure data deletion External authentication, federated authentication, key management, cloud to cloud authentication Audit rights and compliance Shared environments, data monitoring, and data encryption Legal uncertainties, individual rights/confidentiality, and breach/disclosures Vulnerability management, asset management, and incident response AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 22

23 RISKS, THREATS, VULNERABILITIES (1/6) Security Category Availability Risks, Threats & Vulnerabilities Service Availability and Recoverability Cloud provider may not be able to match in-house IT service availability, recovery time objectives (RTO), and recovery point objectives (RPO) Cloud providers may drastically change business model or discontinue cloud services Complexity Complexity introduced by cloud computing environment results in more pieces that can go wrong, and more complex recovery procedures Single-Points-of-Failure Even if the cloud environment is architecturally designed for high-availability, single-points-offailure may exist in the access path to the cloud Data Replication Due to technical architecture complexity and potentially restrictions by the cloud provider, replicating data back to the enterprise or to another provider may be difficult Testing Constraints Due to concerns about confidentiality and impact to other customers, cloud providers may place heavy constraints on disaster recovery testing activities Over-Subscription Risk In the event of a disaster, other customers may receive higher priority in recovery activities As cloud providers shift from investment mode to capture market share to cost cutting mode to reach profitability, capacity may become constrained AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 23

24 RISKS, THREATS, VULNERABILITIES (2/6) Security Category Access Risks, Threats & Vulnerabilities Multi-Tenancy Data is possibly exposed to 3rd parties due to lack of access controls on the cloud, allowing unauthenticated parties access to confidential data Data Access Cloud stores data without proper customer segregation allowing possible disclosure to 3rd parties Secure Data Deletion Company data that was deleted is still be retained on servers or storage located on the cloud without knowing AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 24

25 RISKS, THREATS, VULNERABILITIES (3/6) Security Category Authentication Risks, Threats & Vulnerabilities External Authentication Ownership and maintenance of credential repositories is the responsibility of an external party. Security leading practices cannot be guaranteed Federated Authentication Organizations implement single sign on applications used by multiple business partners but the SSO also grants access to sensitive internal information due to authentication mashups Key Management Any activity related to key generation, exchange, storage, safeguarding, use, vetting, and replacement that results in disclosure will provide access to infrastructure and data Cloud to Cloud Authentication One cloud provider will rely on a second cloud provider to authenticate a user s identity based on the first cloud passing a SAML assertion to the second cloud at the request of a user. Based strictly on the assertion, the second cloud provider will grant the user access to cloud resources. SAML assertions are susceptible to the following attacks: DoS, Man-in-the-Middle, Replay, and Session Hijacking AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 25

26 RISKS, THREATS, VULNERABILITIES (4/6) Security Category Regulatory Risks, Threats & Vulnerabilities Audit Rights Organizational Rights to perform audits, and review performance against contracts or SLA Compliance Migration to the cloud includes a more complex regulatory environment for some corporations Integrity Shared Environments Data in cloud is in a shared environment alongside data from other customers Data Monitoring Changes made to data without knowledge of the data owners, or accidental overwrites due to collisions with data storage techniques of cloud provider Data Encryption Data at rest is not encrypted and accessed by 3rd parties unknowingly due to faulty access controls AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 26

27 RISKS, THREATS, VULNERABILITIES (5/6) Security Category Privacy Risks, Threats & Vulnerabilities Legal Uncertainties Multiple jurisdictions increase regulatory complexity Conflicting legal provisions create significant uncertainty in assessing compliance and risk The Privacy and Data Protection legal landscape continues to evolve at a rapid pace Data sharing agreements may be required before moving data to the cloud Business associate agreements (HIPAA) Data controllers and third parties (EU DPD) Individual Rights/Confidentiality Strict terms of service are particularly important in the cloud to preserve individual privacy/confidentiality and to meet regulatory requirements to which the user is subject The cloud facilitates the ability to use/share data across organizations and therefore increase secondary uses of data that may require additional consent/authorization Data is easily accessible by a larger group of users and must be strictly controlled (Protect data at rest) Breach/Disclosure Centralized data stores are especially prone to security breaches Timely discovery and reporting of the breach by the cloud provider may be challenging AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 27

28 RISKS, THREATS, VULNERABILITIES (6/6) Security Category Operational Security Risks, Threats & Vulnerabilities Vulnerability Management One vulnerability has the potential to expose large number of corporations critical assets Asset Management Assets in the cloud are not properly managed and could leak critical company information or cause data exposures Incident Response Ownership, responsibilities, and actions during incident response are not defined AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 28

29 TOP CONSIDERATIONS & RISKS Security Tops Cloud Concerns How concerned are you with following issues as they relate to cloud computing? Security Control Performance Support Vendor lock-in 3.3 Speed to activate new services/expand capacity A recent survey was conducted of IT executives/cios about their companies use of, and views about, IT cloud services. The biggest cloud challenge reported was security. 3.3 Configurability Data: InformationWeek Analytics Cloud computing Survey of 453 business technology professionals AICPA Webinar Cloud Computing Security and Governance - What Auditors Need to Know? MOSS ADAMS LLP 29

30 REGULATORS PERSPECTIVE Personally Identifiable Information o Federal requirements NIST o State data breach and privacy laws o Healthcare and patient data: HIPAA Security Rule o FERPA compliance o Safe Harbor Internal Controls over Financial Reporting: o SOC/SSAE 16 audits (previously SAS 70 audits) o Sarbanes-Oxley ISO Payment Card Data: PCI-DSS o QSA audit of service provider Document retention, e-discovery, and public records o Retention policies and practices MOSS ADAMS LLP 30

31 MAKING THE BUSINESS CASE Have a clear and upfront understanding of: Decision drivers to enter the cloud Current state of your IT True costs Economies of scale Integration needs Risk NACUBO Whitepaper: Capturing the Cloud, Defining the Business Case (http://www.nacubo.org) MOSS ADAMS LLP 31

32 PROPER PREPARATION Embrace the cloud, but only where it makes sense Have an organization-wide solution Define requirements Perform proper due diligence Select good vendors with solid track records Review contracts carefully Have an exit strategy Own the implementation and the system use Monitor vendor performance and outcomes Enforce client controls Consider regulatory compliance MOSS ADAMS LLP 32

33 SUMMARY Cloud computing is an increasing trend Significant benefits will drive adoption, despite the concerns Avoid the hype and focus on where it has value for you Institute solutions with sufficient demand and market scale Focus on vendor selection, management, and due diligence Know and manage the risks Do not transfer all control responsibility MOSS ADAMS LLP 33

34 QUESTIONS Chris Kradjan, CPA, CITP, CRISC Partner, National IT Practice Leader (206) / (415) MOSS ADAMS LLP 34

Cloud IT, Privacy, and Security. June 13, 2013

Cloud IT, Privacy, and Security. June 13, 2013 Cloud IT, Privacy, and Security June 13, 2013 Chris Kradjan, CPA, CITP, CRISC Chris Kradjan is the National Leader for IT Consulting and the SSAE 16 Practice of Moss Adams. With more than 16 years of experience,

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

SSAE 16 for Transportation & Logistics Companies. Chris Kradjan Kim Koch

SSAE 16 for Transportation & Logistics Companies. Chris Kradjan Kim Koch SSAE 16 for Transportation & Logistics Companies Chris Kradjan Kim Koch 1 The material appearing in this presentation is for informational purposes only and should not be construed as advice of any kind,

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

yvette@yvetteagostini.it yvette@yvetteagostini.it

yvette@yvetteagostini.it yvette@yvetteagostini.it 1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work

More information

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models. Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,

More information

IS PRIVATE CLOUD A UNICORN?

IS PRIVATE CLOUD A UNICORN? IS PRIVATE CLOUD A UNICORN? With all of the discussion, adoption, and expansion of cloud offerings there is a constant debate that continues to rear its head: Public vs. Private or more bluntly Is there

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

Cloud models and compliance requirements which is right for you?

Cloud models and compliance requirements which is right for you? Cloud models and compliance requirements which is right for you? Bill Franklin, Director, Coalfire Stephanie Tayengco, VP of Technical Operations, Logicworks March 17, 2015 Speaker Introduction Bill Franklin,

More information

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government October 4, 2009 Prepared By: Robert Woolley and David Fletcher Introduction Provisioning Information Technology (IT) services to enterprises

More information

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes Cloud Computing Supplementary slides Course: Designing and Implementing Service Oriented Business Processes 1 Introduction Cloud computing represents a new way, in some cases a more cost effective way,

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Cloud Computing. Bringing the Cloud into Focus

Cloud Computing. Bringing the Cloud into Focus Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice

More information

Cloud Computing An Auditor s Perspective

Cloud Computing An Auditor s Perspective Cloud Computing An Auditor s Perspective Sailesh Gadia, CPA, CISA, CIPP sgadia@kpmg.com December 9, 2010 Discussion Agenda Introduction to cloud computing Types of cloud services Benefits, challenges,

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week Cloud Security Panel: Real World GRC Experiences ISACA Atlanta s 2013 Annual Geek Week Agenda Introductions Recap: Overview of Cloud Computing and Why Auditors Should Care Reference Materials Panel/Questions

More information

Kent State University s Cloud Strategy

Kent State University s Cloud Strategy Kent State University s Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Cloud Services Overview

Cloud Services Overview Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture

More information

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors Bringing the Cloud into Focus A Whitepaper by CMIT Solutions and Cadence Management Advisors Table Of Contents Introduction: What is The Cloud?.............................. 1 The Cloud Benefits.......................................

More information

Key Considerations of Regulatory Compliance in the Public Cloud

Key Considerations of Regulatory Compliance in the Public Cloud Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

Cloud Computing Security Issues

Cloud Computing Security Issues Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,

More information

AHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS

AHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS AHLA JJ. Keeping Your Cloud Services Provider from Raining on Your Parade Jean Hess Manager HORNE LLP Ridgeland, MS Melissa Markey Hall Render Killian Heath & Lyman PC Troy, MI Physicians and Hospitals

More information

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information

More information

ITSM in the Cloud. An Overview of Why IT Service Management is Critical to The Cloud. Presented By: Rick Leopoldi RL Information Consulting LLC

ITSM in the Cloud. An Overview of Why IT Service Management is Critical to The Cloud. Presented By: Rick Leopoldi RL Information Consulting LLC ITSM in the Cloud An Overview of Why IT Service Management is Critical to The Cloud Presented By: Rick Leopoldi RL Information Consulting LLC What s Driving the Move to Cloud Computing Greater than 70%

More information

LEGAL ISSUES IN CLOUD COMPUTING

LEGAL ISSUES IN CLOUD COMPUTING LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing

More information

The Elephant in the Room: What s the Buzz Around Cloud Computing?

The Elephant in the Room: What s the Buzz Around Cloud Computing? The Elephant in the Room: What s the Buzz Around Cloud Computing? Warren W. Stippich, Jr. Partner and National Governance, Risk and Compliance Solution Leader Business Advisory Services Grant Thornton

More information

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud? East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management

More information

OVERVIEW Cloud Deployment Services

OVERVIEW Cloud Deployment Services OVERVIEW Cloud Deployment Services Audience This document is intended for those involved in planning, defining, designing, and providing cloud services to consumers. The intended audience includes the

More information

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted. Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing

More information

Cloud Security and Managing Use Risks

Cloud Security and Managing Use Risks Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access

More information

Enterprise Architecture Review Checklist

Enterprise Architecture Review Checklist Enterprise Architecture Review Checklist Software as a Service (SaaS) Solutions Overview This document serves as Informatica s Enterprise Architecture (EA) Review checklist for Cloud vendors that wish

More information

6 Cloud computing overview

6 Cloud computing overview 6 Cloud computing overview 6.1 General ISO/IEC 17788:2014 (E) Cloud Computing Overview Page 1 of 6 Cloud computing is a paradigm for enabling network access to a scalable and elastic pool of shareable

More information

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model

More information

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Cloud Computing 159.735 Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Table of Contents Introduction... 3 What is Cloud Computing?... 3 Key Characteristics...

More information

Architecting the Cloud

Architecting the Cloud Architecting the Cloud Sumanth Tarigopula Director, India Center, Best Shore Applications Services 2011Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without

More information

Anypoint Platform Cloud Security and Compliance. Whitepaper

Anypoint Platform Cloud Security and Compliance. Whitepaper Anypoint Platform Cloud Security and Compliance Whitepaper 1 Overview Security is a top concern when evaluating cloud services, whether it be physical, network, infrastructure, platform or data security.

More information

Cloud Computing. What is Cloud Computing?

Cloud Computing. What is Cloud Computing? Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited

More information

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Cloud Computing Paradigm Shift. Jan Šedivý

Cloud Computing Paradigm Shift. Jan Šedivý Cloud Computing Paradigm Shift Jan Šedivý Business expectations Improving business processes Reducing enterprise costs Increasing the use of information/analytics Improving enterprise workforce effectiveness

More information

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu 2 If cloud computing is so simple, then what s the big deal? What is the

More information

Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About?

Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? IIA San Francisco Chapter October 11, 2011 Agenda Introductions Cloud computing overview Risks and audit strategies

More information

OIT Cloud Strategy 2011 Enabling Technology Solutions Efficiently, Effectively, and Elegantly

OIT Cloud Strategy 2011 Enabling Technology Solutions Efficiently, Effectively, and Elegantly OIT Cloud Strategy 2011 Enabling Technology Solutions Efficiently, Effectively, and Elegantly 10/24/2011 Office of Information Technology Table of Contents Executive Summary... 3 The Colorado Cloud...

More information

Introduction to Cloud Computing

Introduction to Cloud Computing 1 Introduction to Cloud Computing CERTIFICATION OBJECTIVES 1.01 Cloud Computing: Common Terms and Definitions 1.02 Cloud Computing and Virtualization 1.03 Early Examples of Cloud Computing 1.04 Cloud Computing

More information

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment

More information

WHITE PAPER. How to choose and implement your cloud strategy

WHITE PAPER. How to choose and implement your cloud strategy WHITE PAPER How to choose and implement your cloud strategy INTRODUCTION Cloud computing has the potential to tip strategic advantage away from large established enterprises toward SMBs or startup companies.

More information

A white paper from Fordway on CLOUD COMPUTING. Why private cloud should be your first step on the cloud computing journey - and how to get there

A white paper from Fordway on CLOUD COMPUTING. Why private cloud should be your first step on the cloud computing journey - and how to get there A white paper from Fordway on CLOUD COMPUTING Why private cloud should be your first step on the cloud computing journey - and how to get there PRIVATE CLOUD WHITE PAPER January 2012 www.fordway.com Page

More information

BUSINESS MANAGEMENT SUPPORT

BUSINESS MANAGEMENT SUPPORT BUSINESS MANAGEMENT SUPPORT Business disadvantages using cloud computing? Author: Maikel Mardjan info@bm-support.org 2010 BM-Support.org Foundation. All rights reserved. EXECUTIVE SUMMARY Cloud computing

More information

Leveraging the Private Cloud for Competitive Advantage

Leveraging the Private Cloud for Competitive Advantage Leveraging the Private Cloud for Competitive Advantage Introduction While it is universally accepted that organisations will leverage cloud solutions to service their IT needs, there is a lack of clarity

More information

Assessing Risks in the Cloud

Assessing Risks in the Cloud Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research

More information

Cloud Computing. Benefits and Risks. Bill Wells, CISSP, CISM, CISA, CRISC, CIPP/IT bill.wells@transamerica.com

Cloud Computing. Benefits and Risks. Bill Wells, CISSP, CISM, CISA, CRISC, CIPP/IT bill.wells@transamerica.com Cloud Computing Benefits and Risks Bill Wells, CISSP, CISM, CISA, CRISC, CIPP/IT bill.wells@transamerica.com 10/3/2012 1 Let s make sure we re all talking about the same thing. WHAT IS CLOUD COMPUTING?

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

With Eversync s cloud data tiering, the customer can tier data protection as follows:

With Eversync s cloud data tiering, the customer can tier data protection as follows: APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software

More information

Things You Need to Know About Cloud Backup

Things You Need to Know About Cloud Backup Things You Need to Know About Cloud Backup Over the last decade, cloud backup, recovery and restore (BURR) options have emerged as a secure, cost-effective and reliable method of safeguarding the increasing

More information

Cloud Computing in a Regulated Environment

Cloud Computing in a Regulated Environment Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2

More information

How to ensure control and security when moving to SaaS/cloud applications

How to ensure control and security when moving to SaaS/cloud applications How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk

More information

Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare

Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare Successful Strategies for Implementing SaaS/Cloud Solutions in Healthcare WHITEPAPER Executive Summary As healthcare organizations struggle with competing priorities such as HITECH/ARRA, Meaningful option

More information

GETTING THE MOST FROM THE CLOUD. A White Paper presented by

GETTING THE MOST FROM THE CLOUD. A White Paper presented by GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are

More information

The silver lining: Getting value and mitigating risk in cloud computing

The silver lining: Getting value and mitigating risk in cloud computing The silver lining: Getting value and mitigating risk in cloud computing Frequently asked questions The cloud is here to stay. And given its decreased costs and increased business agility, organizations

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

Cloud Computing: Background, Risks and Audit Recommendations

Cloud Computing: Background, Risks and Audit Recommendations Cloud Computing: Background, Risks and Audit Recommendations October 30, 2014 Table of Contents Cloud Computing: Overview 3 Multiple Models of Cloud Computing 11 Deployment Models 16 Considerations For

More information

Enhancing Operational Capacities and Capabilities through Cloud Technologies

Enhancing Operational Capacities and Capabilities through Cloud Technologies Enhancing Operational Capacities and Capabilities through Cloud Technologies How freight forwarders and other logistics stakeholders can benefit from cloud-based solutions 2013 vcargo Cloud Pte Ltd All

More information

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview

More information

Getting Familiar with Cloud Terminology. Cloud Dictionary

Getting Familiar with Cloud Terminology. Cloud Dictionary Getting Familiar with Cloud Terminology Cloud computing is a hot topic in today s IT industry. However, the technology brings with it new terminology that can be confusing. Although you don t have to know

More information

Securing The Cloud With Confidence. Opinion Piece

Securing The Cloud With Confidence. Opinion Piece Securing The Cloud With Confidence Opinion Piece 1 Securing the cloud with confidence Contents Introduction 03 Don t outsource what you don t understand 03 Steps towards control 04 Due diligence 04 F-discovery

More information

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?

More information

SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS

SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS Jeff Cook November 2015 Summary Service Organization Control (SOC) reports (formerly SAS 70 or

More information

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101 Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro

More information

Cloud Computing Risk and Rewards

Cloud Computing Risk and Rewards Cloud Computing Risk and Rewards John Lazarine Vice President and Chief Audit Executive Mark Salamasick Director of Center for Internal Auditing For Dallas CPA Society Convergence 2013 May 8, 2013 John

More information

The NREN s core activities are in providing network and associated services to its user community that usually comprises:

The NREN s core activities are in providing network and associated services to its user community that usually comprises: 3 NREN and its Users The NREN s core activities are in providing network and associated services to its user community that usually comprises: Higher education institutions and possibly other levels of

More information

CLOUD COMPUTING DEMYSTIFIED

CLOUD COMPUTING DEMYSTIFIED CLOUD COMPUTING DEMYSTIFIED Definitions you ve been pretending to understand JACK DANIEL, CCSK, CISSP, MVP ENTERPRISE SECURITY Definitions Words have meaning, professionals need to understand them. We

More information

The NIST Definition of Cloud Computing (Draft)

The NIST Definition of Cloud Computing (Draft) Special Publication 800-145 (Draft) The NIST Definition of Cloud Computing (Draft) Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication

More information

Windows Server 2003. Your data will be non-compliant & at risk on

Windows Server 2003. Your data will be non-compliant & at risk on Your data will be non-compliant & at risk on Windows Server 2003. On July 14 th 2015, Microsoft will cease its support (including automatic bug fixes, updates and online technical assistance) for Windows

More information

Cloud Essentials for Architects using OpenStack

Cloud Essentials for Architects using OpenStack Cloud Essentials for Architects using OpenStack Course Overview Start Date 18th December 2014 Duration 2 Days Location Dublin Course Code SS906 Programme Overview Cloud Computing is gaining increasing

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

IBM Spectrum Protect in the Cloud

IBM Spectrum Protect in the Cloud IBM Spectrum Protect in the Cloud. Disclaimer IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole discretion. Information regarding

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

The Keys to the Cloud: The Essentials of Cloud Contracting

The Keys to the Cloud: The Essentials of Cloud Contracting The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb

More information

SECURITY RISK MANAGEMENT

SECURITY RISK MANAGEMENT SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W

More information

Cloud Courses Description

Cloud Courses Description Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment

More information

Electronic Records Storage Options and Overview

Electronic Records Storage Options and Overview Electronic Records Storage Options and Overview www.archives.nysed.gov Objectives Understand the options for electronic records storage, including cloud-based storage Evaluate the options best suited for

More information

Technology & Business Overview of Cloud Computing

Technology & Business Overview of Cloud Computing Your Place or Mine? In-House e-discovery Platform vs. Software as a Service Technology & Business Overview of Cloud Computing Janine Anthony Bowen, Esq. Jack Attorneys & Advisors www.jack-law.com Atlanta,

More information

1 Introduction. 2 What is Cloud Computing?

1 Introduction. 2 What is Cloud Computing? 1 Introduction Table of Contents 1 Introduction 2 What is Cloud Computing? 3 Why is Cloud Computing important? 4 Why Cloud deployments fail? 5 Holistic Approach to cloud computing implementation 6 Conclusion

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Peter Spier Managing Director PCI and Risk Assurance Fortrex Technologies Agenda Instructor Biography Background On

More information

Managed Services Computing

Managed Services Computing Managed Services Computing FTA Technology Conference August 12, 2014 Tim Blevins, CGI CGI Group Inc. Agenda Managed Services Cloud Computing Security and Disaster Recovery Questions 2 Managed services

More information

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 Cloud Basics Cloud Basics The interesting thing about cloud computing is that we've redefined cloud computing to include everything

More information

The Cloud in Regulatory Affairs - Validation, Risk Management and Chances -

The Cloud in Regulatory Affairs - Validation, Risk Management and Chances - 45 min Webinar: November 14th, 2014 The Cloud in Regulatory Affairs - Validation, Risk Management and Chances - www.cunesoft.com Rainer Schwarz Cunesoft Holger Spalt ivigilance 2014 Cunesoft GmbH PART

More information